The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200609-07
(LibXfont, monolithic X.org: Multiple integer overflows)

Several integer overflows have been found in the CID font parser.

Impact :

A remote attacker could exploit this vulnerability by enticing a user
to load a malicious font file resulting in the execution of arbitrary
code with the permissions of the user running the X server which
typically is the root user. A local user could exploit this
vulnerability to gain elevated privileges.

Workaround :

Disable CID-encoded Type 1 fonts by removing the 'type1' module and
replacing it with the 'freetype' module in xorg.conf.

Contact

The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.